Researchers Discover Flaws in Digital Currency Monero That Could Reveal Identity of Users (wired.com)
Researchers have discovered flaws in Monero, a digital currency that boasts a high degree of anonymity, that could lead to the identification of users. From a report: Monero is designed to mix up any given Monero "coin" with other payments, so that anyone scouring Monero's blockchain can't link it to any particular identity or previous transaction from the same source. But in a recent paper, a team of researchers from a broad collection of institutions -- including Princeton, Carnegie Mellon, Boston University, MIT, and the University of Illinois at Urbana-Champaign -- point to flaws in that mixing that make it possible to nonetheless extract individual transactions.
That shouldn't just worry anyone trying to stealthily spend Monero today. It also means evidence of earlier not-quite-untraceable payments remain carved into Monero's blockchain for years to come, visible for any snoop that cares to look.
Anyone who's surprised by this isn't suspicious enough of the idea that a currency built on a permanent public ledger of transactions could possibly be anonymous.
It wouldn't matter if they WERE the best and brightest. If you study cryptography you learn about famous cryptographers such as Polybius, Trithemius, Vigenère, Stager, Scherbius, Rivest, and Schneier. These are the best cryptographers the world has ever seen. They all have one thing in common: their creations have all been hacked, broken.
A fundamental law is that it is easier to break something than to make that thing. Physicists call this "maximum entropy": things naturally tend away from order and structure, things break more easily than they are made. Any cipher, any encryption, which can be made by people can be broken by people.
In cryptography, as in crime, one side has an almost insurmountable advantage. The cryptographer can come up with huge, complex systems with many parts. The cryptanalyst needs only find a single flaw, a single shortcoming or shortcut, anywhere in the system. Cryptanalysts will almost always beat cryptographers for the same reason a determined police force will almost always find their murderer if they try hard enough: the murderer has to do everything perfectly to get away with it, the police only need to find that one stray hair, with its DNA, or one drop of blood under the carpet, to prove their case.